CVE-2009-3706 — Opensolaris vulnerability

4 documents4 sources

Severity

4.4MEDIUMNVD

EPSS

0.0%

top 85.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Opensolaris SUN Solaris

Timeline

PublishedOct 16

Latest updateMay 2

Description

Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and OpenSolaris snv_100 through snv_117, allows local users to bypass intended limitations of the file_chown_self privilege via certain uses of the chown system call.

CVSS vector

AV:L/AC:M/C:P/I:P/A:PExploitability: 3.4 | Impact: 6.4

Affected Packages2 packages

▶NVDsun/opensolaris18 versions+17

▶NVDsun/solaris10, 10.0+1

Patches

Patch: sunsolve.sun.com ↗Patch: sunsolve.sun.com ↗Patch: sunsolve.sun.com ↗

🔴Vulnerability Details

GHSA

GHSA-qv4m-mw37-hvg2: Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and OpenSolaris snv_100 through snv_117, allows local users to bypass intended limi↗2022-05-02

▶

CVEList

CVE-2009-3706: Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and OpenSolaris snv_100 through snv_117, allows local users to bypass intended limi↗2009-10-16

▶

💬Community

Bugzilla

CVE-2009-0790 openswan: ISAKMP DPD remote DoS↗2009-03-24

▶